CSMS, requirements according to UNECE WP.29, Euro NCAP or ISO 27001 - The entire automotive industry is undergoing a disruptive change: measured by the abundance of new standards and in the course of digitalisation, more and more software services, electronic control systems and cloud APIs are finding their way into vehicles, and thus also into their production and development. Closely connected, often still opaque supply chains, through which these applications are delivered, offer countless entry points for cyberattacks.
In 2017, the German Association of the Automotive Industry (VDA), together with the French European Network Exchange Association (ENX), developed the now internationally recognised testing and exchange procedure TISAX - Trusted Information Security Assessment Exchange - in response to the rapidly growing number of attack vectors. This is a certificate that suppliers can use to document to their OEMs that they comply with appropriate security standards. A central element is strong Identity and Access Management (IAM) together with Privileged Access Management (PAM), which protects critical accounts and sets the course for a cyber-resilient supply chain.
In the future, autonomously driving vehicles, transport systems and hybrid driving technologies will shape cityscapes worldwide: Through the intelligent consolidation of a wide variety of electronic systems, cars will be able to communicate with each other, make independent decisions and react confidently to unknown dangerous situations. The innovation potential of this technology is practically limitless - as is the potential damage in the event that the corresponding IT systems are compromised.
Current test standard: VDA Information Security Assessment V. 5.1
The certificate awarded by the ENX Association defines minimum standards for secure information processing, prototype protection and data protection in automotive companies - and, as a testing and exchange procedure, enables the industry to check the maturity level of information security at potential partners, service providers and suppliers. It is based on a uniform test standard with a defined test procedure, so that results are comparable.
With the major update of the VDA ISA to version 5.x in October 2020, the overall structure of the test standard was changed and modernised. Derived from the information security standard ISO 27001, the focus is firmly on a functioning cyber security management system and on protecting access to the data worth protecting within the supply chain.
The update of the entire VDA ISA brought the following innovations:
With the update to version 5.0, the content of the module "Connection of Third Parties", including its test objectives, has been integrated into the module "Information Security". This means that there are currently only three modules:
- Information security
- Data protection
- Prototype protection
The term "third party connection" describes the situation where a TISAX® user has its own site on a partner's premises and can access the partner's systems via direct network connections. According to the VDA, "not only were all the requirements of the 'Information Security' module checked with regard to the current state of the art and appropriateness, but redundancies were also removed."
Prevent unauthorised access to privileged accounts
A central aspect is the secure handling of identities and access: in the closely interlinked supply chains of the automotive industry, integrating external partners and service providers into one's own systems, infrastructures and processes is common practice - but at the same time it represents one of the greatest risk factors. A lack of security awareness, the coupling of security zones that should remain separate, or the absence of suitable technology are just a few of the critical factors. Whatever the purpose, a logically connected third party often needs user roles with privileged access rights for its access from outside, and usually it even remains an anonymous identity.
If one also considers that the number of privileged employee, machine and customer accounts is growing rapidly on top of the accounts of external users, it quickly becomes clear how important consistent identity management is for the automotive industry - and what significance a tailored strategy with a controllable PAM solution has for the central access management of these accounts.
Provide privileged rights Just in Time and follow established principles
Zero Trust Network Access
Zero Trust is state of the art. The entire cyber community is talking about it, and many companies make Zero Trust the basic principle of their holistic information security strategies. But the strategy behind implementing a true Zero Trust model is not the buzzword Zero Trust per se. Zero Trust has to be complemented by the part that actually matters: access to the network. Paired together, this results in the new principle Zero Trust Network Access, or ZTNA for short.
Zero Trust Network Access (ZTNA), also known as Software Defined Perimeter (SDP), refers to a set of technologies and features that allow remote users to securely access internal applications. ZTNA is based on an adaptive trust model, but it trusts only identities that are known and verified. Access is granted strictly on a need-to-know basis, just in time and with the minimal assignment of rights. ZTNA is not a stand-alone product to be implemented; it is an organisational, technical and cultural principle within the cyber security of an entire organisation. Remote users benefit from seamless and secure connectivity to private applications without security zones ever being coupled.
Least Privileges
The Principle of Least Privilege (PoLP) is a well-established concept: an internal or external user is granted exactly the permissions to data and information that he or she needs to perform his or her dedicated tasks in the company or on its behalf - and in no case more.
However, the least privilege principle goes beyond access by human users. The model also applies to applications, systems and networked devices that require certain privileges or permissions to perform their tasks.
The least privilege principle ensures that a non-human tool gets the access it needs - but no more than that.
The least privilege principle is considered best practice in the cyber security industry and is an essential step in protecting privileged access to high-value data and resources. Here, it is important that organisational information security and operational IT security function seamlessly together and, ideally, interlock.
Measures of a TISAX-compliant modern PAM strategy
The way companies approach the protection of their privileged accounts has changed considerably in recent years: today, automated, so-called next-generation solutions are increasingly replacing selective, manually managed projects. Ideally, PAM initiatives successively extend the robust foundation of the least privilege principle with further components and are based on a Zero Trust strategy. The standard functions of a PAM solution should at least include session recording, application sharing, secure data transfer, multi-factor authentication and live status.
A modern PAM solution should also be able to distinguish between an external privileged user and internal employees - without the need for two different systems.
TISAX expects complete documentation of access to customer data and traceability of all activities in sensitive areas.
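The just-in-time, least-privilege access described in the ZTNA and least privilege sections above, together with the traceability requirement stated here, can be sketched as a small access broker. The following is an added illustration, not code from the original page or from any product named on it; the users, targets, zones and policy are constructed examples.

```python
"""Constructed JIT privilege broker: default deny, time-boxed grants, no
cross-zone access, and an audit trail of who did what, where and when."""
from datetime import datetime, timedelta, timezone

# Hypothetical policy: roles a user may request per target, and each target's zone.
POLICY = {("alice", "plc-gw-01"): {"operator"}, ("bob", "crm-db"): {"dba"}}
TARGET_ZONE = {"plc-gw-01": "production", "crm-db": "office"}
MAX_MINUTES = 120  # cap on any single just-in-time grant

class Broker:
    def __init__(self):
        self.grants = []  # (user, target, role, expires)
        self.audit = []   # every decision, allowed or denied

    def _log(self, user, target, action, outcome, now):
        self.audit.append({"when": now.isoformat(), "who": user,
                           "where": target, "what": action, "outcome": outcome})

    def request(self, user, target, role, minutes, mfa_ok, now):
        """Issue a time-boxed grant only if policy, MFA and the duration cap allow."""
        allowed = role in POLICY.get((user, target), set())
        if not (allowed and mfa_ok and 0 < minutes <= MAX_MINUTES):
            self._log(user, target, f"request:{role}", "denied", now)
            return None
        expires = now + timedelta(minutes=minutes)
        self.grants.append((user, target, role, expires))
        self._log(user, target, f"request:{role}", f"granted until {expires.isoformat()}", now)
        return expires

    def access(self, user, target, role, from_zone, now):
        """Allow only while an unexpired grant exists and zones are not coupled."""
        if TARGET_ZONE.get(target) != from_zone:
            self._log(user, target, f"access:{role}", "denied:cross-zone", now)
            return False
        live = any(u == user and t == target and r == role and exp > now
                   for u, t, r, exp in self.grants)
        self._log(user, target, f"access:{role}", "allowed" if live else "denied:no-grant", now)
        return live

def demo():
    """Constructed scenario: grant, use, expiry, cross-zone attempt, out-of-policy request."""
    t0 = datetime(2024, 5, 6, 8, 0, tzinfo=timezone.utc)
    b = Broker()
    granted = b.request("alice", "plc-gw-01", "operator", 30, True, t0) is not None
    ok_now = b.access("alice", "plc-gw-01", "operator", "production", t0 + timedelta(minutes=10))
    expired = b.access("alice", "plc-gw-01", "operator", "production", t0 + timedelta(minutes=31))
    wrong_zone = b.access("alice", "plc-gw-01", "operator", "office", t0 + timedelta(minutes=5))
    bob = b.request("bob", "plc-gw-01", "dba", 30, True, t0) is None
    return granted, ok_now, expired, wrong_zone, bob, len(b.audit)
```

Every decision, including denials, lands in the audit list, which is the kind of record an auditor asks for when checking traceability of activities in sensitive areas.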
Organisational measures alone are not enough. Selecting and integrating the right PAM solution can be tedious.
The range of international PAM solutions on the market is comparatively broad and choosing the right manufacturer depends on a number of factors:
- First and foremost, the architecture of the existing network is of crucial importance - whether cloud-native, hybrid or on-premises, whether brownfield or greenfield. Not every PAM solution is equally suitable for the required purpose.
- Then the question must be asked whether the future PAM solution should take over the entire administration of users and the management of passwords or whether the PAM solution should be connected to existing applications and integrated as an extension.
- Equally important is the outlook: how high is the integration effort, measured against the achievable output? It should not be overlooked that a holistic PAM solution ties up considerable resources and fundamentally changes internal processes in the area of identity and access management. A PAM solution must fit the use case.
- When it comes to information security, it is important not to neglect the point that the provider of a PAM solution must not itself become a future risk to the integrity of the information worth protecting. Current examples show that all-in-one solutions in particular inevitably open up new attack surfaces the more functions the PAM solution tries to offer.
- Based on this first fundamental setting of the course, it is then necessary to select from the multitude of available solutions the one that can best be integrated into the existing IT infrastructure and meets the predefined requirements of the individual stakeholders.
In general, experience from the industry shows that IT departments selecting a PAM solution for the first time are often overwhelmed and accordingly follow the claims made by the market. In a second step, this leads to PAM becoming more of a consulting project than desired, as consultants and system integrators feed the almost limitless field of identity and access management with broad offers and supposedly ever new strategies.
The goal should be to find a PAM solution that can be integrated into running operations without major interventions and that does not require modifications to clients and endpoints. Where such modifications are unavoidable, they create potential new entry points and must be taken into account in risk management.
TISAX requires a strict separation of client information, also at the logical level. Established security zones must not be coupled, even when accessing information.
VISULOX - A PAM solution with integrated Remote Support
VISULOX is the leading German PAM solution with an integrated Remote Support platform for secure access from anywhere. We help answer the question of who did what, where and when in IT infrastructures.
amitego has been the leading provider of Privileged Access Management solutions and Remote Support platforms in Germany since 2003.
Tailored to the access and documentation requirements of TISAX, VISULOX is now used as a PAM solution by a large number of small to medium-sized automotive suppliers as well as multinational OEMs. Our team consists of top developers who deliberately maintain close contact with colleagues with many years of TISAX consulting experience. We also count proven TISAX lead auditors among our team.
Our experience shows that we are good listeners. A short personal conversation can very often save long journeys. We would be happy to meet you in a short appointment, if desired with a possible live demo, without obligation.
We would also be happy to explain to you individually, on the basis of the currently applicable VDA ISA catalogue, which controls you can fulfil ad hoc with the introduction of VISULOX in accordance with the criteria.